Security contact requested (responsible disclosure) #40
Description
Hi maintainers — I found a security vulnerability (OS command injection / RCE class) and submitted a fix PR: #39
I don’t want to disclose details publicly. What’s the preferred private channel for a full security report? I also emailed emmett@thepi.pe